Crispen Maung, Chief Information Security Officer, Rapid
API-first strategies continue to radically transform the way in which applications are developed, so much that the ability to quickly leverage pre-existing resources to create new technology-based solutions at velocity is now a reality. However, the underlying security and privacy obligations tied to data as it traverses an API to internal or third-party resources is typically bypassed by the developer who is focused on creating new value. And yet this can be a major risk for falling out of compliance with federal and international security and privacy regulations. In essence the fiduciary responsibility for data governance fractures as the data passes onto third-party resource or service providers. This session will discuss the security and privacy issues associated with an API-first technology strategy and how it needs to include a resilient and scalable Information Security and Data Privacy initiative that allows for rapid application development, design flexibility, maximization of resources or services and solution release velocity that is ultimately ringfenced within an effective data governance program where data security and data privacy obligations are maintained.
